CtrlK
BlogDocsLog inGet started
Tessl Logo

k8s-security-policies

Implement Kubernetes security policies including NetworkPolicy, PodSecurityPolicy, and RBAC for production-grade security. Use when securing Kubernetes clusters, implementing network isolation, or enforcing pod security standards.

87

1.21x
Quality

Does it follow best practices?

Impact

95%

1.21x

Average score across 3 eval scenarios

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is highly actionable with complete, executable manifests and commands, but is somewhat repetitive and presents a catalog rather than a validated workflow. A dangling referenced file weakens progressive disclosure.

Suggestions

Add a brief apply-and-verify workflow with validation checkpoints (e.g., `kubectl apply -f ...` then `kubectl get networkpolicy` / `kubectl auth can-i`) for at least the NetworkPolicy and RBAC sections.

Remove or create the missing `assets/pod-security-template.yaml`, or drop the dangling reference, so every listed Reference File resolves.

Consolidate the three near-identical Pod Security Standard namespace blocks into one parameterized example plus a one-line note on the privileged/baseline/restricted label values to reduce repetition.

DimensionReasoningScore

Conciseness

Mostly efficient YAML examples with little explanatory fluff, but the three near-identical Pod Security Standard namespace blocks and duplicate reference listings add repetition that could be tightened.

2 / 3

Actionability

Provides many complete, copy-paste-ready YAML manifests (NetworkPolicy, RBAC, PeerAuthentication) and executable kubectl troubleshooting commands.

3 / 3

Workflow Clarity

Content is a well-organized policy catalog rather than a sequenced workflow, and lacks explicit validation checkpoints for applying policies cluster-wide (e.g., no 'verify policy applied' step).

2 / 3

Progressive Disclosure

References are one level deep and signaled via a Reference Files section, but `assets/pod-security-template.yaml` is referenced yet absent from the bundle, and RBAC examples duplicated inline rather than offloaded to `references/rbac-patterns.md`.

2 / 3

Total

9

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is specific, uses third-person voice, includes explicit trigger guidance, and clearly distinguishes its niche. It is concise while covering what and when well.

DimensionReasoningScore

Specificity

Names multiple concrete actions (NetworkPolicy, PodSecurityPolicy, RBAC) for production-grade security, matching the anchor for listing several specific concrete actions.

3 / 3

Completeness

Explicitly answers both what it does ('Implement Kubernetes security policies including...') and when to use it ('Use when securing Kubernetes clusters...').

3 / 3

Trigger Term Quality

The 'Use when securing Kubernetes clusters, implementing network isolation, or enforcing pod security standards' clause covers natural terms a user would say when they need this skill.

3 / 3

Distinctiveness Conflict Risk

Targets a clear niche (Kubernetes security policies) with distinct triggers unlikely to conflict with unrelated skills.

3 / 3

Total

12

/

12

Passed

Validation

93%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation15 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

referenced_paths_exist

Referenced path issues: 1 missing

Warning

Total

15

/

16

Passed

Repository
Dicklesworthstone/pi_agent_rust
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.